Is there a preferred technique to eliminate unknown
packet types from being displayed? (esp. the raw data)
Example: NBT
09:37:11.659751 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: . 25078:26538(1460) ack 561
win 8760
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=24576 (0x6000)
Session packet:(raw data?)
(DF)
09:37:11.659809 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: . 26538:27998(1460) ack 561
win 8760
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=0 (0x0)
Session packet:(raw data?)
(DF)
09:37:11.659870 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: P 27998:29416(1418) ack 561
win 8760
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=152 (0x98)
Session packet:(raw data?)
(DF)
09:37:11.660125 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: . ack 23618 win 17520 (DF)
09:37:11.660354 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: . ack 26538 win 17520 (DF)
09:37:11.660599 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: . ack 29416 win 17520 (DF)
09:37:11.663481 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx: P 561:658(97) ack 29416 win
17520
- ___________.___________________.________
- < Al Piszcz | [EMAIL PROTECTED] | MITRE >
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
